Logprep
Log data preprocessing, generation and shipping in Python
fixes #592 closes #592
**Expected behavior** As a user of the Field Manager, I expect source fields to be added to the end of a list, if I make use of the `extend_target_list` feature....
In preparation of #502 it should be necessary to introduce a result object. This should propagate all extra data, logging and exceptions to the main process `pipeline.py` module. ```python class ProcessorResult: extra_output_data:...
While working through the Logprep Architecture some inconsistencies in the processors were found. This should be fixed to improve ongoing maintenance and future developments. Following points should be revised: -...
Logprep currently writes processor errors to a document field named `tags`. Example: `tags : [ _generic_adder_failure ]`. This can be confusing if the original document already contains a field named...
https://www.elastic.co/guide/en/elasticsearch/reference/8.12/query-dsl-query-string-query.html#query-string-fuzziness We should implement this feature in favor of multiline regex support to address the same use cases. Multiline regex would be too expensive during processing logs. This could be...
As of now, we have to use the extra_field `regex_fields` to match fields by a regex. Lucene has a filter syntax to address regex matching: https://www.elastic.co/guide/en/elasticsearch/reference/8.12/query-dsl-query-string-query.html#_regular_expressions We should implement it...